Merge pull request #214 from Security-Onion-Solutions/feature/so-allow-flags

Feature/so allow flags
2025-12-06 09:12:45 +01:00 · 2020-01-14 05:40:04 -05:00
parent 512391066d 8e7b2bc888
commit fffae29af9
1 changed files with 75 additions and 24 deletions
--- a/salt/common/tools/sbin/so-allow
+++ b/salt/common/tools/sbin/so-allow
@@ -1,4 +1,22 @@
 #!/bin/bash
+#
+# Copyright 2014,2015,2016,2017,2018,2019,2020 Security Onion Solutions, LLC
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+SKIP=0
+
 got_root() {

  # Make sure you are root
@@ -11,31 +29,64 @@ got_root() {

 got_root

-echo "This program allows you to add a firewall rule to allow connections from a new IP address."
-echo ""
-echo "Choose the role for the IP or Range you would like to add"
-echo ""
-echo "[a] - Analyst - ports 80/tcp and 443/tcp"
-echo "[b] - Logstash Beat - port 5044/tcp"
-echo "[o] - Osquery endpoint - port 8080/tcp"
-echo "[w] - Wazuh endpoint - port 1514"
-echo ""
-echo "Please enter your selection (a - analyst, b - beats, o - osquery, w - wazuh):"
-read ROLE
-echo "Enter a single ip address or range to allow (example: 10.10.10.10 or 10.10.0.0/16):"
-read IP
+while getopts "abowi:" OPTION
+do
+    case $OPTION in
+
+        h)
+            usage
+            exit 0
+            ;;
+        a)
+            FULLROLE="analyst"
+            SKIP=1
+            ;;
+        b)
+            FULLROLE="beats_endpoint"
+            SKIP=1
+            ;;
+        i)  IP=$OPTARG
+            ;;
+        o)
+            FULLROLE="osquery_endpoint"
+            SKIP=1
+            ;;
+        w)
+            FULLROLE="wazuh_endpoint"
+            SKIP=1
+            ;;
+    esac
+done
+
+if [ "$SKIP" -eq 0 ]; then
+
+    echo "This program allows you to add a firewall rule to allow connections from a new IP address."
+    echo ""
+    echo "Choose the role for the IP or Range you would like to add"
+    echo ""
+    echo "[a] - Analyst - ports 80/tcp and 443/tcp"
+    echo "[b] - Logstash Beat - port 5044/tcp"
+    echo "[o] - Osquery endpoint - port 8080/tcp"
+    echo "[w] - Wazuh endpoint - port 1514"
+    echo ""
+    echo "Please enter your selection (a - analyst, b - beats, o - osquery, w - wazuh):"
+    read ROLE
+    echo "Enter a single ip address or range to allow (example: 10.10.10.10 or 10.10.0.0/16):"
+    read IP
+
+    if [ "$ROLE" == "a" ]; then
+        FULLROLE=analyst
+    elif [ "$ROLE" == "b" ]; then
+        FULLROLE=beats_endpoint
+    elif [ "$ROLE" == "o" ]; then
+        FULLROLE=osquery_endpoint
+    elif [ "$ROLE" == "w" ]; then
+        FULLROLE=wazuh_endpoint
+    else
+        echo "I don't recognize that role"
+        exit 1
+    fi

-if [ "$ROLE" == "a" ]; then
-  FULLROLE=analyst
-elif [ "$ROLE" == "b" ]; then
-  FULLROLE=beats_endpoint
-elif [ "$ROLE" == "o" ]; then
-  FULLROLE=osquery_endpoint
-elif [ "$ROLE" == "w" ]; then
-  FULLROLE=wazuh_endpoint
-else
-  echo "I don't recognize that role"
-  exit 1
 fi

 echo "Adding $IP to the $FULLROLE role. This can take a few seconds"